Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices up to and including 3.x are vulnerable to directory traversal via the web interface, as demonstrated by reading /etc/shadow. NOTE: this product is discontinued, and its final firmware version has this vulnerability (4.x versions exist only for other Genie Access products).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
genieaccess wip3bvaf_firmware |